Office of Resources and Technology; Statement of Organization, Functions and Delegations of Authority, 31486-31487 [E8-12025]

Download as PDF 31486 Federal Register / Vol. 73, No. 106 / Monday, June 2, 2008 / Notices using encryption software. Paper records, when created, are kept in file folders and cabinets in secure rooms. ACTION: RETRIEVABILITY: Records are retrieved by name, Social Security Number, or Applicant or Employee ID. SAFEGUARDS: Computer records are protected by a password system. Paper output is stored in locked metal containers or in secured rooms when not in use. Information is released to authorized officials based on their need to know. RETENTION AND DISPOSAL: Records are disposed of by shredding or burning as scheduled in the handbook, GSA Records Maintenance and Disposition System (OAD P 1820.2). SYSTEM MANAGER AND ADDRESS: CHRIS Program Manager (CID), Office of the Chief Information Officer, Office of the Chief Human Capital Officer, General Services Administration, 1800 F Street, NW., Washington, DC 20405. NOTIFICATION PROCEDURE: Address inquiries to: Director of Human Resources Services (CP), Office of the Chief People Officer, General Services Administration, 1800 F Street, NW., Washington, DC 20405; or, for regional personnel records, to the regional Human Resources Officer at the addresses listed above under System Location. RECORD ACCESS PROCEDURES: Requests from individuals for access to their records should be addressed to the system manager. CONTESTING RECORD PROCEDURES: Rules for contesting the content of a record and appealing a decision are contained in 41 CFR 105–64. Notice of appointments. SUMMARY: The Balanced Budget Act of 1997 established the Medicare Payment Advisory Commission (MedPAC) and gave the Comptroller General responsibility for appointing its members. This notice announces three new appointments and two reappointments to fill the vacancies occurring this year. DATES: Appointments are effective May 1, 2008 through April 30, 2011, except as noted. ADDRESSES: GAO: 441 G Street, NW., Washington, DC 20548. MedPAC: 601 New Jersey Avenue, NW., Suite 9000, Washington, DC 20001. FOR MORE INFORMATION CONTACT: GAO: Office of Public Affairs, (202) 512–4800. MedPAC: Mark E. Miller, Ph.D., (202) 220–3700. SUPPLEMENTARY INFORMATION: To fill this year’s vacancies I am announcing the following: Newly appointed members are Peter W. Butler, M.H.S.A., Executive Vice President and Chief Operating Officer, Rush University Medical Center; Michael Chernew, Ph.D., professor, Department of Health Care Policy; and George N. Miller, Jr., M.H.S.A., Regional President and Chief Executive Officer, Community Mercy Health Partners. Reappointed members are Jennie Chin Hansen, R.N., M.S.N., member, Board of Directors, AARP; and Nancy M. Kane, D.B.A., professor of management, Department of Health Policy Management, Harvard School of Public Health. (Sec. 4022, Pub. L. 105–33, 111 Stat. 251, 350) Gene L. Dodaro, Acting Comptroller General of the United States. [FR Doc. E8–12023 Filed 5–30–08; 8:45 am] RECORD SOURCE CATEGORIES: The sources for the system information are the individuals themselves, other employees, supervisors, management officials, officials of other agencies, and record systems GSA/HRO–37, OPM/GOVT–1, and EEOC/GOVT–1. BILLING CODE 1610–02–M [FR Doc. E8–11822 Filed 5–30–08; 8:45 am] Office of Resources and Technology; Statement of Organization, Functions and Delegations of Authority BILLING CODE 6820–34–M jlentini on PROD1PC65 with NOTICES GOVERNMENT ACCOUNTABILITY OFFICE Appointments to the Medicare Payment Advisory Commission Government Accountability Office (GAO). AGENCY: VerDate Aug<31>2005 19:06 May 30, 2008 Jkt 214001 DEPARTMENT OF HEALTH AND HUMAN SERVICES Office of the Secretary Part A, Office of the Secretary, Statement of Organization, Functions and Delegations of Authority for the Department of Health and Human Services (HHS) is being amended at Chapter AM, Office of Resources and Technology, as last amended at 72 FR 2282–88 on January 18, 2007, and more PO 00000 Frm 00062 Fmt 4703 Sfmt 4703 recently at 72 FR 56074, on October 2, 2007. This reorganization is to establish within the Office of the Chief Information Officer (AMM), a new Office of Information Technology Security (AMM6). The changes are as follows: I. Under Chapter AM, Section AMM. 10 Organization, delete in its entirety and replace with the following: AMM.10 Organization. The Office of the Chief Information Officer (OCIO) is headed by the Deputy Assistant Secretary for Information Technology/ HHS Chief Information Officer (CIO), who reports to the Secretary and the Assistant Secretary for Resources and Technology (ASRT). The HHS CIO serves as the primary IT leader for the Department, and the OCIO consists of the following: Æ Immediate Office (AMM). Æ Office of Resources Management (AMM2). Æ Office of Enterprise Architecture (AMM4). Æ Office of Enterprise Project Management (AMM5). Æ Office of Information Technology Security (AMM6). II. Under AM, Section AMM.20 Functions, make the following changes: A. Under Paragraph 3, ‘‘Office of Enterprise Architecture (AMM4),’’ delete in its entirety and replace with the following: 3. Office of Enterprise Architecture (AMM4): The Office of Enterprise Architecture (OEA) is headed by the Director, Office of Enterprise Architecture who is also the HHS Chief Enterprise Architect and supports all planning and enterprise programs that fall under the OCIO. The OEA is responsible for: a. Working with OPDIV Chief Information Officers (CIOs) to support Government-wide initiatives of the Federal CIO Council and to identify opportunities for participation and consultation in information technology projects with major effects on OPDIV program performance. b. Providing leadership in the planning, design, and evaluation of major Departmental projects and oversight throughout project rollout and perform post implementation performance assessments. c. Assessing risks that major information systems pose to performance of program operations and administrative business throughout the Department, develops risk assessment policies and standard operating procedures and tools, and uses program outcome measures to gauge the quality of Departmental information resources management. E:\FR\FM\02JNN1.SGM 02JNN1 jlentini on PROD1PC65 with NOTICES Federal Register / Vol. 73, No. 106 / Monday, June 2, 2008 / Notices d. Coordinating the Department’s strategic planning, capital planning and investment control (CPIC), budgeting and performance management processes for information technology, and provides direct planning development and support to assure that IRM plans support agency business planning and mission accomplishment. e. Coordinating the activities of the Departmental Information Technology Investment Review Board (ITIRB) in assessing and prioritizing the Department’s major information systems, and in analyzing and evaluating IT investment decisions. Reviews OPDJV ITIRB implementations, IT capital funding decisions, and use of performance metrics to evaluate programs for both initial and continued funding. f. Coordinating and supporting the Department’s Chief Information Officer’s Council, whose membership consists of the Chief Information Officers from each OPDIV. g. Representing the Department through participation on interagency and Departmental work groups and task forces, as appropriate. h. Working with OPDIV Chief Information Officers to identify opportunities for administering information management functions and telecommunications initiatives with major effects on OPDIV performance. OEA provides leadership primarily in defining alternatives for acquisition of telecommunications services and coordinating implementation of information management initiatives in conjunction with the Director of the Office of Enterprise Project Management and the HFJS Chief Enterprise Architect. i. Providing support for special priority initiatives identified by the CIO. B. Add the following new paragraph at the end of Section AMM.20 Functions, ‘‘Office of the Chief Information Officer (AMM6).’’ 5. Office of Information Technology Security (AMM6). The Office of Information Technology Security (OITS) is headed by the Director, (OITS), who is also HHS Chief Information Security Officer (CISO), which manages HHS Security Program. The Office provides management leadership in IT security policy and guidance, expert advice and collaboration among the Operating Divisions (OPDIVs) and the Staff Divisions (STAFFDIVs) in developing, promoting and maintaining IT security measures to adequately and cost effectively protect and ensure the confidentiality, integrity and timely availability of all data and information in the custody of the Department as well as of the information systems required VerDate Aug<31>2005 19:06 May 30, 2008 Jkt 214001 to meet the Department’s current and future business needs. OJTS is responsible for: a. Developing, implementing and administering the program to protect the information resources of the Department. This includes management and oversight of activities under the Federal Information Security Management Act (FISMA), IT critical infrastructure protection (CIP), and Department-wide security contracts and high level project management of OPDIV security programs, such as corrective action plans and security policies. b. Implementing and administering the HHS security program to protect the information resources of the Department in compliance with legislation, Executive Orders, directives of the Office of Management and Budget (OMB), or other mandated requirements (e.g., the Clinger Cohen Act, Presidential Decision Directive 63, and OMB Circular A–130), the National Security Agency, and other Federal agencies. c. Directing the development of and implementing cyber security policies and guidance for the Department, including requirements for employees and contractors who are responsible for systems of data, or for the acquisition, management, or use of information resources. d. Monitoring information system security program activities in the Department by reviewing OPDIVs and STAFFDFVs security plans for sensitive systems, recommending improvements, and evaluating safeguards to protect major information systems, or IT infrastructure. e. Responding to requests in conjunction with 0MB Circular A–130, the Computer Security Act of 1987, and Presidential Decision Directive 63, or other legislative or mandated requirements related to IT security or privacy. f. Monitoring all Departmental systems development and operations for security and privacy compliance and providing advice and guidance to ensure compliance standards are included throughout system life cycle development. g. Reviewing Departmental ITIRB and ClO Council business cases (as well as 0MB circular A–11 requirements) for assurance of security and privacy compliance. h. Recommending to the ClO to grant or deny programs the authority to operate information systems, based on security compliance. i. Establishing and leading Department-wide teams to conduct reviews to protect HHS cyber and PO 00000 Frm 00063 Fmt 4703 Sfmt 4703 31487 personnel security programs and conduct vulnerability assessments of HHS critical assets. This includes regular certification of existing systems as well as newly implemented systems. The OITS activities involving personnel and cyber security are coordinated and synchronized with the Office of Security and Strategic Information. j. Reviewing the Department’s information resources for fraud, waste, and abuse to avoid having redundant resources, in conformance with the Clinger-Cohen Act. k. Developing, implementing, and evaluating employee cyber security awareness and training program to meet the requirements as mandated by 0MB Circular A–130 and the Computer Security Act. l. Establishing and providing leadership to the Subcommittee of the HHS ClO Council on Security. m. Establishing and leading the HHS Computer Security Incident Response Capability team, the Department’s overall cyber security incident response/coordination center and primary point of contact for Federal Computer Incident Response Capability (FedCIRC) and National Infrastructure Protection Center (NIPC). IV. Continuation of Policy: Except as inconsistent with this reorganization, all statements of policy and interpretations with respect to the Office of Infonnation and Resources Management heretofore issued and in effect prior to this reorganization are continued in full force and effect with respect to the Office of the Chief Information Officer. V. Delegation of Authority: All delegations and redelegations of authority previously made to officials and employees of the Office of the Chief Information Officer will continue in them or their successors pending further redelegation, provided they are consistent with this reorganization. VI. Funds, Personnel, and Equipment: Transfer of organizations and functions affected by this reorganization shall he accompanied by direct and support funds, positions, personnel, records, equipment, supplies, and other sources. Dated: May 19, 2008. Joe W. Ellis, Assistant Secretary for Administration and Management. [FR Doc. E8–12025 Filed 5–30–08; 8:45 am] BILLING CODE 4150–22–M E:\FR\FM\02JNN1.SGM 02JNN1

Agencies

[Federal Register Volume 73, Number 106 (Monday, June 2, 2008)]
[Notices]
[Pages 31486-31487]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E8-12025]


=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HEALTH AND HUMAN SERVICES

Office of the Secretary


Office of Resources and Technology; Statement of Organization, 
Functions and Delegations of Authority

    Part A, Office of the Secretary, Statement of Organization, 
Functions and Delegations of Authority for the Department of Health and 
Human Services (HHS) is being amended at Chapter AM, Office of 
Resources and Technology, as last amended at 72 FR 2282-88 on January 
18, 2007, and more recently at 72 FR 56074, on October 2, 2007. This 
reorganization is to establish within the Office of the Chief 
Information Officer (AMM), a new Office of Information Technology 
Security (AMM6). The changes are as follows:
    I. Under Chapter AM, Section AMM. 10 Organization, delete in its 
entirety and replace with the following:
    AMM.10 Organization. The Office of the Chief Information Officer 
(OCIO) is headed by the Deputy Assistant Secretary for Information 
Technology/HHS Chief Information Officer (CIO), who reports to the 
Secretary and the Assistant Secretary for Resources and Technology 
(ASRT). The HHS CIO serves as the primary IT leader for the Department, 
and the OCIO consists of the following:
    [cir] Immediate Office (AMM).
    [cir] Office of Resources Management (AMM2).
    [cir] Office of Enterprise Architecture (AMM4).
    [cir] Office of Enterprise Project Management (AMM5).
    [cir] Office of Information Technology Security (AMM6).
    II. Under AM, Section AMM.20 Functions, make the following changes:
    A. Under Paragraph 3, ``Office of Enterprise Architecture (AMM4),'' 
delete in its entirety and replace with the following:
    3. Office of Enterprise Architecture (AMM4): The Office of 
Enterprise Architecture (OEA) is headed by the Director, Office of 
Enterprise Architecture who is also the HHS Chief Enterprise Architect 
and supports all planning and enterprise programs that fall under the 
OCIO.
    The OEA is responsible for:
    a. Working with OPDIV Chief Information Officers (CIOs) to support 
Government-wide initiatives of the Federal CIO Council and to identify 
opportunities for participation and consultation in information 
technology projects with major effects on OPDIV program performance.
    b. Providing leadership in the planning, design, and evaluation of 
major Departmental projects and oversight throughout project rollout 
and perform post implementation performance assessments.
    c. Assessing risks that major information systems pose to 
performance of program operations and administrative business 
throughout the Department, develops risk assessment policies and 
standard operating procedures and tools, and uses program outcome 
measures to gauge the quality of Departmental information resources 
management.

[[Page 31487]]

    d. Coordinating the Department's strategic planning, capital 
planning and investment control (CPIC), budgeting and performance 
management processes for information technology, and provides direct 
planning development and support to assure that IRM plans support 
agency business planning and mission accomplishment.
    e. Coordinating the activities of the Departmental Information 
Technology Investment Review Board (ITIRB) in assessing and 
prioritizing the Department's major information systems, and in 
analyzing and evaluating IT investment decisions. Reviews OPDJV ITIRB 
implementations, IT capital funding decisions, and use of performance 
metrics to evaluate programs for both initial and continued funding.
    f. Coordinating and supporting the Department's Chief Information 
Officer's Council, whose membership consists of the Chief Information 
Officers from each OPDIV.
    g. Representing the Department through participation on interagency 
and Departmental work groups and task forces, as appropriate.
    h. Working with OPDIV Chief Information Officers to identify 
opportunities for administering information management functions and 
telecommunications initiatives with major effects on OPDIV performance. 
OEA provides leadership primarily in defining alternatives for 
acquisition of telecommunications services and coordinating 
implementation of information management initiatives in conjunction 
with the Director of the Office of Enterprise Project Management and 
the HFJS Chief Enterprise Architect.
    i. Providing support for special priority initiatives identified by 
the CIO.
    B. Add the following new paragraph at the end of Section AMM.20 
Functions, ``Office of the Chief Information Officer (AMM6).''
    5. Office of Information Technology Security (AMM6). The Office of 
Information Technology Security (OITS) is headed by the Director, 
(OITS), who is also HHS Chief Information Security Officer (CISO), 
which manages HHS Security Program. The Office provides management 
leadership in IT security policy and guidance, expert advice and 
collaboration among the Operating Divisions (OPDIVs) and the Staff 
Divisions (STAFFDIVs) in developing, promoting and maintaining IT 
security measures to adequately and cost effectively protect and ensure 
the confidentiality, integrity and timely availability of all data and 
information in the custody of the Department as well as of the 
information systems required to meet the Department's current and 
future business needs. OJTS is responsible for:
    a. Developing, implementing and administering the program to 
protect the information resources of the Department. This includes 
management and oversight of activities under the Federal Information 
Security Management Act (FISMA), IT critical infrastructure protection 
(CIP), and Department-wide security contracts and high level project 
management of OPDIV security programs, such as corrective action plans 
and security policies.
    b. Implementing and administering the HHS security program to 
protect the information resources of the Department in compliance with 
legislation, Executive Orders, directives of the Office of Management 
and Budget (OMB), or other mandated requirements (e.g., the Clinger 
Cohen Act, Presidential Decision Directive 63, and OMB Circular A-130), 
the National Security Agency, and other Federal agencies.
    c. Directing the development of and implementing cyber security 
policies and guidance for the Department, including requirements for 
employees and contractors who are responsible for systems of data, or 
for the acquisition, management, or use of information resources.
    d. Monitoring information system security program activities in the 
Department by reviewing OPDIVs and STAFFDFVs security plans for 
sensitive systems, recommending improvements, and evaluating safeguards 
to protect major information systems, or IT infrastructure.
    e. Responding to requests in conjunction with 0MB Circular A-130, 
the Computer Security Act of 1987, and Presidential Decision Directive 
63, or other legislative or mandated requirements related to IT 
security or privacy.
    f. Monitoring all Departmental systems development and operations 
for security and privacy compliance and providing advice and guidance 
to ensure compliance standards are included throughout system life 
cycle development.
    g. Reviewing Departmental ITIRB and ClO Council business cases (as 
well as 0MB circular A-11 requirements) for assurance of security and 
privacy compliance.
    h. Recommending to the ClO to grant or deny programs the authority 
to operate information systems, based on security compliance.
    i. Establishing and leading Department-wide teams to conduct 
reviews to protect HHS cyber and personnel security programs and 
conduct vulnerability assessments of HHS critical assets. This includes 
regular certification of existing systems as well as newly implemented 
systems. The OITS activities involving personnel and cyber security are 
coordinated and synchronized with the Office of Security and Strategic 
Information.
    j. Reviewing the Department's information resources for fraud, 
waste, and abuse to avoid having redundant resources, in conformance 
with the Clinger-Cohen Act.
    k. Developing, implementing, and evaluating employee cyber security 
awareness and training program to meet the requirements as mandated by 
0MB Circular A-130 and the Computer Security Act.
    l. Establishing and providing leadership to the Subcommittee of the 
HHS ClO Council on Security.
    m. Establishing and leading the HHS Computer Security Incident 
Response Capability team, the Department's overall cyber security 
incident response/coordination center and primary point of contact for 
Federal Computer Incident Response Capability (FedCIRC) and National 
Infrastructure Protection Center (NIPC).
    IV. Continuation of Policy: Except as inconsistent with this 
reorganization, all statements of policy and interpretations with 
respect to the Office of Infonnation and Resources Management 
heretofore issued and in effect prior to this reorganization are 
continued in full force and effect with respect to the Office of the 
Chief Information Officer.
    V. Delegation of Authority: All delegations and redelegations of 
authority previously made to officials and employees of the Office of 
the Chief Information Officer will continue in them or their successors 
pending further redelegation, provided they are consistent with this 
reorganization.
    VI. Funds, Personnel, and Equipment: Transfer of organizations and 
functions affected by this reorganization shall he accompanied by 
direct and support funds, positions, personnel, records, equipment, 
supplies, and other sources.

    Dated: May 19, 2008.
Joe W. Ellis,
Assistant Secretary for Administration and Management.
 [FR Doc. E8-12025 Filed 5-30-08; 8:45 am]
BILLING CODE 4150-22-M
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.